Installing SSH Server in Windows XP Home

A secure computing environment is always one of the most desirable factors when you decide to work with a computer or its associated network. Operating systems such as UNIX have built-in capabilities to do secure transmission and reception of data in the network. In a UNIX installation package, there is an installed SSH (Secure Shell) that has encryption abilities in communicating with a network of computers.

Unfortunately, the default Windows XP Home installation does not have one. Fortunately, there is a way to fix this. 

This tutorial will look into the possibility of installing an SSH server on a Windows XP Home computer. There is no need to install a UNIX operating system (thus having two operating systems) on your computer because there are what we call "Unix emulators" that can be installed right in your Windows XP Home.

One of these emulators, called "CYGWIN," offers OpenSSH, a server that can be installed on your Windows computer to use for working with secure shell transmission and reception of data.

If you are still new to networking, you might question why there is a need to have a secure data communication network. It is because it's very possible to intercept information as it travels along the communication network.

Introduction to Network Transmission/Reception

The default communication network transmits and receives data in "plain text." Thus, if you are sending a password or a credit card number to a certain server in an unsecured data communication network, it is extremely possible for someone with the right equipment to intercept your transmitted information. This is what we call "eavesdropping."

See screen shot below (without encryption):

If you are fond of using your laptop and connecting wirelessly to the Internet inside a mall or a coffee shop, be warned. Most of these places offer an  unsecured communication network, such as the one illustrated above.

If you tighten the security with an SSH server, this is what happens:

The above illustration, points to the following potential benefits of having a secured communication using SSH:

• Encrypted messaging service using Yahoo, Live messenger -- You can configure your chat software to work with your Windows XP Home SSH server to act as a proxy and thereby encrypt the communications. 
  
• Encrypted web browsing -- You can also configure your favorite web browsers such as Internet Explorer, Firefox and other prominent browsers to communicate with an SSH server to act as a proxy. This will encrypt your web browsing experience, thus preventing eavesdropping in case you are working in an unsecured environment (such as in a wireless, hotspot area).

Configuration of the two above applications is beyond the scope of this article.

OpenSSH Server Installation

This section discusses the downloading procedure and installation of OpenSSH in a Windows XP home computer.

There are a lot of tutorials on the Internet about OpenSSH installation, which is very confusing and not user-friendly. For example, it is a common practice to download "Cygwin" (the UNIX emulator for Windows XP), and then customize the installation to select OpenSSH. The installation interface is a bit confusing, and any confused users could end up downloading the wrong file or the entire Cygwin installer package, which could take hours to download.

Anyway, research has been done to find the easiest way to download and install OpenSSH. The following are the steps to follow:

Step 1: Go to http://sourceforge.net/projects/sshwindows/files/ , and look for "setupssh381-20040709.zip" under "OpenSSH for Windows - Release." This is the link to download OpenSSH installer for your Windows XP Home computer.

Step 2: Click that link and download the file to your desktop.

Step 3: Once the installer has been downloaded to your desktop, note that this is a .ZIP archive. You need to unzip the whole folder by right clicking on the archive, and then clicking "Extract to setupssh381-20040709." This will extract the file into a Windows folder. You can then locate this in the desktop. See screen shot:

Step 4: Close all the programs you currently have open, and then double click the installer. The installation instructions are easy and straightforward. However, if you are bit confused about the process, note that you should be installing the following features: 

• Client
  
• Server
  
• Start Menu Shortcuts

Then set the installation path to C:Program FilesOpenSSH.

Step 5: When the installation is about to be completed, the installer will pop up this warning:

"Before starting the OpenSSH service you MUST edit the C:Program FilesOpenSSHetcpasswd file. If you don't do this, you will not be able to login through the SSH server. Please read the readme.txt or quickstart.txt file for information regarding proper setup of the passwd file."

Just click OK and the installation will be completed.

OpenSSH Server Configuration

After successful installation, you need to configure your OpenSSH server.

Step 1: Go to Control Panel -> Administrative tools -> Services.

Step 2: Find OpenSSH server, and make sure the service status is set to "Stopped."

Step 3: This step is optional, but recommended. If you are using an existing SSH client in connecting to a remote SSH server (like in a web host which is using Port 22 by default), you need to change the port number assignment for OpenSSH to prevent any possibility of port conflict. Navigate to: C:Program FilesOpenSSHetc sshd_config

Change this line from:

#Port 22#Protocol 2,1Protocol 2

to:

#Port 45000Protocol 2Protocol 2

Then save the file. This will let OpenSSH server use port 45000 and remove SSH protocol 1, which is not needed. Do the same for: ssh_config file in the same directory (change the port number and remove protocol 1).

Step 4: On your Windows XP Home computer, click Start -> Run -> Type CMD, and then enter. Enter the following configuration commands in the DOS prompt:

Note: Use your Windows login username; in my case it is "Codex M."

If the screen shot above is not clear, see the text equivalent below:

C:Documents and SettingsCodex M>cd ..

C:Documents and Settings>cd ..

C:>cd Program Files

C:Program Files>cd OpenSSH

C:>Program FilesOpenSSH>cd bin

C:>Program FilesOpenSSHbin>mkgroup -l >> ..etcgroup

C:>Program FilesOpenSSHbin>mkgroup -d >> ..etcgroup

Cannot get PDC, code = 2453

C:>Program FilesOpenSSHbin>mkpasswd -l -u "Codex M" >> ..etcpasswd

C:>Program FilesOpenSSHbin>mkpasswd -d -u "Codex M" >> ..etcpasswd

mkpasswd: [2453] Could not find domain controller for this domain

C:>Program FilesOpenSSHbin>net start opensshd

The OpenSSH Server Service is starting.

The OpenSSH Server Service was started successfully.

C:>Program FilesOpenSSHbin>

Note: Just ignore the errors (in red font) and continue entering those commands until it's done.

Step 6: Now that the OpenSSH service is started, start opening an SSH tunnel with the setup you have just configured above (just to make sure it is working):

C:>Program FilesOpenSSHbin>ssh -ND 45000 "Codex M@127.0.0.1"

This will open an SSH tunnel in port 45000 at the local IP address 127.0.0.1 using the username you have set. What happens next is that a key will be shown to you. Accept it ("Yes"), and finally type your Windows login password to authenticate. You will not be able to see your password as you type it in, for your protection. This is normal.

After that, if there are no more errors, you have successfully connected and configured OpenSSH to run in Windows XP Home. There are a lot of applications for this; that includes encryption of data communication.